authstrategies 0.0.6 → 0.1.0

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    MGY1ZDIxMDhhYWMxZmJiYmZiOWU5NzM4Y2EyZmY3NDA0NjBmYzRlYg==
+    NmY5MzNhOTc3ZDVlMGNiODg4OTkxZmY4ZjU2MTE1MmFjOTdmNGI2OQ==
   data.tar.gz: !binary |-
-    MGUwMDE5ZDc0YTQ5ZGViNjZiNTczNmQxMWJlMTJlNTNlM2UwOWMxZQ==
+    ZjE4YmVhYjhhNDVhMmU2N2ZhOTBiZmRlNmU5M2VlYWRhM2E4OGE0Mg==
 SHA512:
   metadata.gz: !binary |-
-    NTk0MWUxOGU1MzRmMDk5YzhiYzAxMWQ3NWMwOWUxNzNhN2E4NzkxY2YxZWQ5
-    NjEyNGVkNDFiMWYxNTQzNDc5NDczYjUxYmEwZGQwOGY1YTllNzExMGEwNTc2
-    OTUwYzQ1NGZiYWNhYTU3ZTNhYzA3Y2Q1ZTMwZjVlYjE3YTY1ZTM=
+    OWMwZDJlZTQ5NTRlNzUyNTI4NWQ3ZjY0ODQ3MGQzYjAyNTU0ZmM5NWY3Y2Zi
+    NWFmMWNlMTI0N2IwZGNmYjNiOTRjMWFkOWMxNDI4NGNhYzg2ODZjNDIyYTA2
+    Y2EzNjVkNTQxZjlhMTAzOGNmZjk5ZGNmNTVmMzE5OTI3ZGQwNjQ=
   data.tar.gz: !binary |-
-    YzI2NjViNzJlMzhkMzQ0NTljMGM1NDM5MjAyNDdiNDE2Mjk0NmQ3OWFjNmM0
-    ZGJlNTJjYjY0MmNlYWViODk0ZTQzZDFhM2ZlZmU2YjRmYmY2NmQwNDU4YmFl
-    ZGUyNWRmMDc2Y2FmMjUyMjdlNDYzZDRmM2MyZWI0ZThlNmNhOTk=
+    NzM4MDJiNzQzMWFhNmQ3MGY1YWZmMTBiZjAyZjI2ZjdhNWM3NGQwMzhiMjkw
+    MGJiNjliMDc1YjliYTZlOGI0NzEzN2FmOWJmNjQ3ZDQxOTU5ZWM5ZDNlMTRj
+    MTczMDEyZjQxZjczNmE5ODMxNDQ0NDYyZTc1ZTEwNjFjNWI1MTI=

data/README.md

@@ -1,6 +1,6 @@
 # Authstrategies
 
-TODO: Write a gem description
+Warden implementation for Sinatra
 
 ## Installation
 
@@ -18,8 +18,56 @@ Or install it yourself as:
 
 ## Usage
 
-TODO: Write usage instructions here
+Authstrategies uses sinatra-activerecord as orm. There is currently no rake task to generate a migration for the user model, but you can use the following: (courtesy of device)
 
+	  def up
+			create_table :users do |t|
+				t.string :email,							:null => false, :defautl => ""
+				t.string :encrypted_password, :null => false, :default => ""
+
+				t.string remember_token
+				t.boolean :remember_me
+
+				t.timestamps
+			end
+
+			add_index :users, :email,			:unique => true
+			add_index :remember_token,		:unique => true
+	  end
+
+
+After that your application should be configurad similarly to the following:
+
+    require 'authstrategies'
+
+		class YourApp < Sinatra::Application
+			use Rack::Session::Cookie, {
+				:secret => 'such secret many secure wow',
+				:expire_after => 3600
+			}
+			use Rack::Flash
+			use Authstrategies::Middleware
+		end
+
+The expire after for Rack::Session::Cookie is optional, but I set it, because
+some modern browsers will not delete session cookies after the user closes his browser like you would normally expect. This may pose a security thread if your users log in from a public computer.
+
+If you want to use the helpers provided with authstrategies put:
+
+		require 'authstrategies/helpers'
+
+		helpers Authstrategies::Helpers
+
+in your code.
+
+To authenticate a user call authenticate!
+To check if a user is authenticated call authenticated?
+To get the currently logged in user call current_user
+To logout the user class logout.
+
+login_path returns the login path as a string
+logout_path returns the logout path as a string
+signup_path returns the signup path as a string
 ## Contributing
 
 1. Fork it

data/authstrategies.gemspec

@@ -8,9 +8,9 @@ Gem::Specification.new do |spec|
   spec.version       = Authstrategies::VERSION
   spec.authors       = ["Dobromir Ivanov"]
   spec.email         = ["dobromir0ivanov@gmail.com"]
-  spec.description   = %q{AuthStrategies is a Warden implementation for sinatra. For now it only implements a password strategy.}
+  spec.description   = %q{AuthStrategies is a Warden implementation for sinatra.}
   spec.summary       = %q{Warden implementation for Sinatra}
-  spec.homepage      = ""
+  spec.homepage      = "https://github.com/d0ivanov/authstrategies"
   spec.license       = "MIT"
 
   spec.files         = `git ls-files`.split($/)
@@ -23,7 +23,10 @@ Gem::Specification.new do |spec|
 
 	spec.add_runtime_dependency "sinatra"
 	spec.add_runtime_dependency "sinatra-activerecord"
-	spec.add_runtime_dependency "activerecord"
+	spec.add_runtime_dependency "protected_attributes"
 	spec.add_runtime_dependency "warden"
 	spec.add_runtime_dependency "bcrypt-ruby"
+	spec.add_runtime_dependency "rack"
+	spec.add_runtime_dependency "rack-flash3", '1.0.5'
+
 end

data/lib/authstrategies/helpers.rb

@@ -1,7 +1,7 @@
 module Authstrategies
 	module Helpers
-		def authenticate!
-			env['warden'].authenticate!
+		def authenticate! strategy= :password
+			env['warden'].authenticate! strategy
 		end
 
 		def authenticated?
@@ -15,5 +15,17 @@ module Authstrategies
 		def logout
 			env['warden'].logout
 		end
+
+		def login_path
+			'/login'
+		end
+
+		def logout_path
+			'/logout'
+		end
+
+		def signup_path
+			'/signup'
+		end
 	end
 end

data/lib/authstrategies/middleware.rb

@@ -0,0 +1,64 @@
+module Authstrategies
+	class Middleware < Sinatra::Base
+			register Base
+			register RememberMe
+
+			get '/login/?' do
+				redirect '/' if authenticated?
+				erb :login
+			end
+
+			post '/login' do
+				redirect '/' if authenticated?
+				authenticate!
+				if authenticated?
+					if params["remember_me"] == "on"
+						current_user.remember_me!
+						response.set_cookie("authstrategies",
+							:value => current_user.remember_token,
+							:expires => Time.now + 7 * 24 * 3600
+						)
+					end
+					flash[:notice] = "Logged in successfully!"
+					redirect '/'
+				else
+					flash[:error] = env["warden"].message
+					redirect '/login'
+				end
+			end
+
+			get '/logout/?' do
+				if authenticated?
+					current_user.forget_me!
+					response.delete_cookie("authstrategies")
+					logout
+					flash[:notice] = "Successfully logged out!"
+					redirect '/'
+				end
+				redirect '/'
+			end
+
+			post '/unauthenticated' do
+				flash[:error] = env["warden"].message
+				redirect '/login'
+			end
+
+			get '/signup/?' do
+				redirect '/' if authenticated?
+				erb :signup
+			end
+
+			post '/signup' do
+				redirect '/' if authenticated?
+				user = User.new(params)
+				if user.valid?
+					user.save
+					flash[:notice] = "Successfully signed up!"
+					redirect '/'
+				else
+					flash[:error] = user.errors.messages
+					redirect '/signup'
+				end
+			end
+	end
+end

data/lib/authstrategies/models/user.rb

@@ -0,0 +1,49 @@
+require 'bcrypt'
+require 'active_record'
+require 'protected_attributes'
+
+class User < ActiveRecord::Base
+	include BCrypt
+
+	validates :email, :password, presence: true
+	validates :email, uniqueness: true
+
+	validates :password, confirmation: true
+ 	validates :password, length: { in: 8..20,
+		too_long: "%{count} is the maximum allowed!",
+		too_short: "must be at least %{count}" }
+
+	attr_accessible :email, :password, :remember_me, :remember_me_token
+
+	def password
+		@password ||= Password.new(encrypted_password)
+  end
+
+	def password= password
+		@password = Password.create(password)
+		self.encrypted_password = @password
+	end
+
+	def authenticate request
+		if self.password == request["password"]
+			true
+		else
+			false
+		end
+	end
+
+	def remember_me!
+		self.update_attribute('remember_me', true)
+		self.update_attribute('remember_token', new_token)
+	end
+
+  def forget_me!
+		self.update_attribute('remember_me', false)
+		self.update_attribute('remember_token', nil)
+	end
+
+	private
+		def new_token
+			Password.create(Time.new.to_s)
+		end
+end

data/lib/authstrategies/password.rb

@@ -0,0 +1,16 @@
+module Authstrategies
+	class PasswordStrategy < Warden::Strategies::Base
+		def valid?
+			!!(request["email"] && request["password"])
+		end
+
+		def authenticate!
+			user = User.find_by_email(request["email"])
+			if user && user.authenticate(request)
+				success!(user)
+			else
+				fail("Invalid username or password!")
+			end
+		end
+	end
+end

data/lib/authstrategies/remember_me.rb

@@ -0,0 +1,15 @@
+module Authstrategies
+	class RememberMeStrategy < Warden::Strategies::Base
+		def valid?
+			!!(request.cookies["authstrategies"])
+		end
+
+		def authenticate!
+			user = User.find_by_remember_token(request.cookies["authstrategies"])
+			if user && user.remember_me
+				success!(user)
+			end
+			fail!('')
+		end
+	end
+end

data/lib/authstrategies/session_serializer.rb

@@ -0,0 +1,11 @@
+module Authstrategies
+	class Warden::SessionSerializer
+		def serialize(user)
+			user.id
+		end
+
+		def deserialize id
+			User.find(id)
+		end
+	end
+end

data/lib/authstrategies/version.rb

@@ -1,3 +1,3 @@
 module Authstrategies
-  VERSION = "0.0.6"
+  VERSION = "0.1.0"
 end

data/lib/authstrategies.rb

@@ -3,95 +3,34 @@ require "warden"
 require "rack-flash"
 require "sinatra/base"
 require "active_record"
-require "authstrategies/helpers"
-require "authstrategies/user"
+require "bcrypt"
+require "authstrategies/session_serializer.rb"
+require "authstrategies/helpers.rb"
+require "authstrategies/password.rb"
+require "authstrategies/remember_me.rb"
+require "authstrategies/models/user.rb"
 
 module Authstrategies
-	private
-		class Warden::SessionSerializer
-			def serialize(user)
-				user.id
-			end
-
-			def deserialize(id)
-				User.find(id)
-			end
-		end
+	module Base
+		def self.registered(app)
+			app.helpers Helpers
 
-		class PasswordStrategy < Warden::Strategies::Base
-			def valid?
-				!!(request["email"] && request["password"])
+			app.use Warden::Manager do |manager|
+				manager.failure_app = app
+				manager.default_strategies :password, :remember_me
 			end
 
-			def authenticate!
-				user = User.find_by_email(request["email"])
-				if user && user.authenticate(request)
-					success!(user)
-				else
-					fail!("Invalid username or password")
-				end
-			end
-		end
-
-		module Base
-			def self.registered(app)
-				app.helpers Helpers
-				app.use Warden::Manager do |manager|
-					manager.failure_app = app
-					manager.default_strategies :password
-				end
-
-				Warden::Strategies.add(:password, PasswordStrategy)
-
-				app.get '/login/?' do
-					redirect '/' if authenticated?
-					erb :login
-				end
-
-				app.post '/login' do
-					redirect '/' if authenticated?
-					authenticate!
-					if authenticated?
-						flash[:notice] = "Logged in successfully!"
-						redirect '/'
-					else
-						flash[:error] = env["warden"].message
-						redirect '/login'
-					end
-				end
-
-				app.get '/logout/?' do
-					logout
-					flash[:notice] = "Successfully logged out!"
-					redirect '/'
-				end
-
-				app.post '/unauthenticated' do
-					flash[:error] = "Invalid username or password!"
-					redirect '/login'
-				end
-
-				app.get '/signup/?' do
-					redirect '/' if authenticated?
-					erb :signup
-				end
-
-				app.post '/signup' do
-					redirect '/' if authenticated?
-					user = User.new(params)
-					if user.valid?
-						user.save
-						flash[:notice] = "Successfully signed up!"
-						redirect '/'
-					else
-						flash[:error] = user.errors.messages
-						redirect '/login'
-					end
-				end
+			Warden::Manager.before_failure do |env,opts|
+						env['REQUEST_METHOD'] = 'POST'
 			end
+			Warden::Strategies.add(:password, PasswordStrategy)
 		end
+	end
 
-		class Middleware < Sinatra::Base
-			register Base
+	module RememberMe
+		def self.registered(app)
+			Warden::Strategies.add(:remember_me, RememberMeStrategy)
 		end
+	end
 end
+require "authstrategies/middleware.rb"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: authstrategies
 version: !ruby/object:Gem::Version
-  version: 0.0.6
+  version: 0.1.0
 platform: ruby
 authors:
 - Dobromir Ivanov
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-12-22 00:00:00.000000000 Z
+date: 2013-12-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -67,7 +67,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: activerecord
+  name: protected_attributes
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ! '>='
@@ -108,8 +108,35 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: AuthStrategies is a Warden implementation for sinatra. For now it only
-  implements a password strategy.
+- !ruby/object:Gem::Dependency
+  name: rack
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-flash3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.0.5
+description: AuthStrategies is a Warden implementation for sinatra.
 email:
 - dobromir0ivanov@gmail.com
 executables: []
@@ -124,10 +151,15 @@ files:
 - authstrategies.gemspec
 - lib/authstrategies.rb
 - lib/authstrategies/helpers.rb
+- lib/authstrategies/middleware.rb
+- lib/authstrategies/models/user.rb
+- lib/authstrategies/password.rb
+- lib/authstrategies/remember_me.rb
+- lib/authstrategies/session_serializer.rb
 - lib/authstrategies/version.rb
-- lib/views/login.erb
-- lib/views/signup.erb
-homepage: ''
+- lib/authstrategies/views/login.erb
+- lib/authstrategies/views/signup.erb
+homepage: https://github.com/d0ivanov/authstrategies
 licenses:
 - MIT
 metadata: {}